*SHORT* summary of some of the attacks against us for Apr 2005

   Just too many scans and not enough time to keep the list up all the time
    so... some of the more intresting scans/attacks, or 1 day samples are here
 

 year - time EASTERN source_ip[:port] (dns name, if any) attack/scan/notes

2005/04/08-21:09:50.84 80.96.109.138 (Asociatia Studenteasca a Retelelor din Drumul Taberei,Bucuresti Romania) portscan 132.235.1.1
2005/04/09-23:33:29.61 80.96.109.138 (Asociatia Studenteasca a Retelelor din Drumul Taberei,Bucuresti Romania) portscan 132.235.1.2
2005/04/11-06:57:47    67.169.132.93 9c-67-169-132-93.hsd1.ca.comcast.net.) try to login to all ips as root repeately.
2005/04/11-11:18:38.55 80.96.109.138 (Asociatia Studenteasca a Retelelor din Drumul Taberei,Bucuresti Romania) probe dtspcd on 132.235.1.2
2005/04/18-06:55:58    211.114.195.7 (Haksung Girl High School, KR) try to login to all ips as root repeately vi a ssh.
2005/04/18-08:17:16    202.158.162.201 (china) try to login to all ips as root repeately vi a ssh.
2005/04/25-12:56:41    218.153.147.92  (korea) try to login to all ips as root repeately vi a ssh.
2005/04/26-08:42:36.90 82.232.216.93 (vev69-1-82-232-216-93.fbx.proxad.net.) try to login oracle db user dbsnmp PASS dbsnmp
2005/04/26-08:44:27.44 82.232.216.93 (vev69-1-82-232-216-93.fbx.proxad.net.) try to login oracle db user METASPLOIT, pass +500 char long
2005/04/26-09:22:00.98 84.163.180.188 (p54A3B4BC.dip.t-dialin.net.) login oradle w/ MEATASPLOIT exploit
2005/04/27-06:21:05    210.177.200.245 ("TARGET WARCRAFT CYBER LIMITED", HK) scan net, login root via ssh on all ips
2005/04/27-19:36:56    131.175.181.91 (energb091.energ.polimi.it.) scan net, login root via ssh on all ips
2005/04/28-06:57:17    217.128.117.156 (APointe-a-Pitre-101-2-4-156.w217-128.abo.wanadoo.fr.) scan net, login root via ssh on all ips